Package "linux-azure-cvm"

  linux-azure-cvm (5.4.0-1063.66+cvm2) focal; urgency=medium

  * focal/linux-azure-cvm: 5.4.0-1063.66+cvm2 -proposed tracker (LP: #1947232)

  * linux-azure-cvm: Create a 5.4 based kernel (LP: #1948057)
    - Revert "UBUNTU: [Packaging] linux-azure-cvm: Disable UEFI signed kernel
      image"

  * Backport commits required for confidential VMs (LP: #1915146)
    - SAUCE: x86/hyperv: Load/save the Isolation Configuration leaf
    - SAUCE: x86/Hyper-V: Add visibility parameter for vmbus_establish_gpadl()
    - SAUCE: x86/Hyper-V: Add new hvcall guest address host visibility support
    - SAUCE: HV: Get Hyper-V Isolated VM capability
    - SAUCE: HV: Add Write/Read MSR registers via ghcb
    - SAUCE: HV: Add ghcb hvcall support for SNP VM
    - SAUCE: HV/Vmbus: Add SNP support for VMbus channel initiate message
    - SAUCE: hv/vmbus: Initialize VMbus ring buffer for Isolated VM
    - SAUCE: x86/Hyper-V: Initialize bounce buffer page cache and list
    - SAUCE: x86/Hyper-V: Add new parameter for
      vmbus_sendpacket_pagebuffer()/mpb_desc()
    - SAUCE: x86/Hyper-V: Copy data from/to bounce buffer during IO operation.
    - SAUCE: HV/Netvsc: Add SNP support for netvsc driver
    - SAUCE: HV/Storvsc: Add bounce buffer support for Storvsc
    - hv_netvsc: Remove unnecessary round_up for recv_completion_cnt
    - hv_netvsc: Add validation for untrusted Hyper-V values
    - drivers: hv: vmbus: Introduce latency testing
    - Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus hardening
    - scsi: storvsc: Use vmbus_requestor to generate transaction IDs for VMBus
      hardening
    - hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus
      hardening
    - SAUCE: Drivers: hv: vmbus: Copy packets sent by Hyper-V out of the ring
      buffer
    - SAUCE: hv_utils: Add validation for untrusted Hyper-V values
    - SAUCE: Drivers: hv: vmbus: Initialize memory to be sent to the host
    - Drivers: hv: copy from message page only what's needed
    - Drivers: hv: check VMBus messages lengths
    - Drivers: hv: allocate the exact needed memory for messages
    - SAUCE: Drivers: hv: vmbus: Reduce number of references to message in
      vmbus_on_msg_dpc()
    - Drivers: hv: make sure that 'struct vmbus_channel_message_header' compiles
      correctly
    - SAUCE: Drivers: hv: vmbus: Resolve race condition in vmbus_onoffer_rescind()
    - SAUCE: scsi: storvsc: Fix max_outstanding_req_per_channel for Win8 and newer
    - SAUCE: scsi: storvsc: Resolve data race in storvsc_probe()
    - SAUCE: scsi: storvsc: Validate length of incoming packet in
      storvsc_on_channel_callback()
    - SAUCE: hv_netvsc: Add (more) validation for untrusted Hyper-V values
    - Drivers: hv: vmbus: Introduce table of VMBus protocol versions
    - Drivers: hv: vmbus: Enable VMBus protocol versions 4.1, 5.1 and 5.2
    - SAUCE: Drivers: hv: vmbus: Restrict vmbus_devices on isolated guests
    - SAUCE: Drivers: hv: vmbus: Enforce 'VMBus version >= 5.2' on isolated guests
    - SAUCE: hv_netvsc: Restrict configurations on isolated guests
    - SAUCE: hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer
    - SAUCE: HV/Bounce buffer: Add SMP support in the bounce buffer code
    - SAUCE: HV/IVM: Disable interrupt when read ghcb
    - SAUCE: HV/Netvsc: Unmap recv_buf and send buf in extra address space
    - SAUCE: HV: Set gpadl buffer not visible to host when return buffer back to
      system
    - SAUCE: Stovsc: Reserve bounce buffer for storvsc subchannel
    - hv_netvsc: Validate number of allocated sub-channels
    - SAUCE: Drivers: hv: vmbus: Copy the hv_message in vmbus_on_msg_dpc()
    - SAUCE: hv_netvsc: Allocate the recv_buf buffers after
      NVSP_MSG1_TYPE_SEND_RECV_BUF
    - SAUCE: hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet info
    - SAUCE: HV/Netvsc: Fix dropping package during high network throughput
    - SAUCE: Netvsc: Fix race condition with skb
    - SAUCE: HV/IVM: Add support for new AMD GHCB spec
    - [Config] azure: CONFIG_HYPERV_TESTING=y
    - Drivers: hv: vmbus: Use after free in __vmbus_open()
    - hv_netvsc: Cache the current data path to avoid duplicate call and message
    - hv_netvsc: Wait for completion on request SWITCH_DATA_PATH
    - Drivers: hv: vmbus: Drop error message when 'No request id available'
    - SAUCE: Revert "UBUNTU: SAUCE: Drivers: hv: vmbus: Copy packets sent by
      Hyper-V out of the ring buffer"
    - SAUCE: Drivers: hv: vmbus: Copy packets sent by Hyper-V out of the ring
      buffer
    - SAUCE: scsi: storvsc: Use blk_mq_unique_tag() to generate requestIDs
    - SAUCE: HV/Storvsc: Adjust bounce buffer in on_channel_callback
    - SAUCE: move hv_init_channel_ivm before vmbus_device_register
    - SAUCE: vmbus: Fix reserve bounce buffer isn't released during unloading
      driver
    - SAUCE: scsi: storvsc: Fix validation for unsolicited incoming packets

  [ Ubuntu: 5.4.0-1063.66 ]

  * focal/linux-azure: 5.4.0-1063.66 -proposed tracker (LP: #1947235)
  * focal/linux: 5.4.0-90.101 -proposed tracker (LP: #1947260)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.10.18)
  * Add final-checks to check certificates (LP: #1947174)
    - [Packaging] Add system trusted and revocation keys final check
  * No sound on Lenovo laptop models Legion 15IMHG05, Yoga 7 14ITL5, and 13s
    Gen2 (LP: #1939052)
    - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
      15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
    - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo 13s
      Gen2
  * CVE-2020-36385
    - RDMA/cma: Add missing locking to rdma_accept()
    - RDMA/ucma: Fix the locking of ctx->file
    - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
  * Focal update: v5.4.148 upstream stable release (LP: #1946802)
    - rtc: tps65910: Correct driver module alias
    - btrfs: wake up async_del